This role manages three staff members and the overall first-line risk management oversight for US businesses and functional areas. The role will focus on all non-financial risk management activities to ensure the business/functional areas have strong risk awareness and effective controls in place for the business objectives. Each area will be managed as a business, and its non-financial risks and controls must be managed proactively; however, the accountability and/or responsibility remains within the business/functional areas supported.
KEY DUTIES AND RESPONSIBILITIES
- Manages three staff.
- Responsible for facilitating the RSA, RAS and SIRA mandates.
- Provides oversight and advice on non-financial risks and their impact on people, processes and systems.
- Proactively reviews and advises on end-to-end processes with effective, efficient and complete control design to mitigate risks.
- Works with business on process, risk and control matrices for completeness and accuracy.
- Provides oversight of global and local policy adherence, and reviews new policies from head office and the need for local policies.
- Supports new/change initiatives and their change risk, product approval and review, including project management and follow-up.
- Reviews and is involved with audit and self-identified issues/actions, including incidents, to advise on tactical and/or strategic solutions, and ensures actions are clearly written (SMART) and understood and that dates are reasonable and attainable.
- Reviews procedures to provide suggestions on how to enhance the content with risk and control focus.
- Reviews consistency across policies, procedures, frameworks, process flows, organizational charts, job descriptions, etc. and pursues the updates needed.
- Supports the standardization of local policies, procedures, process risk and control listing, process flows, job descriptions, etc.
- Supports internal and external audits and examinations.
- Actively supports the business/functional areas, prior to and during internal audits, as a liaison, including providing guidance on the draft audit report.
- As a liaison between the stakeholder and internal audit, provides constructive and objective views to resolve potential misunderstandings.
- Position does not provide oversight of financial risks, nor prepare business reports/proposals.
- Position does not perform responsibilities on behalf of the business, such as entitlement reviews or control monitoring, but rather provides oversight and advisory services for those items.
- Position does not write procedures on the business’s behalf, nor perform business owner activities on the business’s behalf.
REQUIRED KNOWLEDGE AND EXPERIENCE
- Bachelor’s degree in Business or equivalent degree/experience.
Required employment experience:
- Overall minimum of 10 years’ experience in risk management, including a minimum of 3 years’ experience in internal audit. Strong preference will be given to candidates with internal audit experience.
- Risk management certification (FRM or equivalent) is highly desirable.
- Highly proficient in the following:
  - GRC framework
  - Operational risk framework
  - Internal audit framework
  - COSO framework
- Deep knowledge of risk management, regulatory requirements and industry practices.
- Deep understanding of end-to-end product/transaction/process workflows.
- Strong knowledge of support processes, including operations, finance and compliance.
- Track record of significant accomplishments in risk management (especially with non-financial risk types) in the financial industry.